正式环境不能像开发环境一样随意..

网桥

# Kernel settings for a Docker host, appended to /etc/sysctl.conf:
#   net.ipv4.ip_forward=1                 the host forwards IPv4 packets between
#                                         interfaces (container traffic needs it);
#                                         the FORWARD chain is then what decides
#                                         which traffic may cross the host.
#   net.bridge.bridge-nf-call-iptables=1  bridged IPv4 traffic is passed through
#                                         iptables, so firewall rules apply to it.
#   net.ipv4.neigh.default.gc_thresh1..3  raise the neighbour (ARP) table
#                                         garbage-collection thresholds.
# The lines are appended unconditionally: running this twice leaves duplicate
# entries in the file (sysctl applies them in order, so the last one wins).
printf '%s\n' \
  'net.ipv4.ip_forward=1' \
  'net.bridge.bridge-nf-call-iptables=1' \
  'net.ipv4.neigh.default.gc_thresh1=4096' \
  'net.ipv4.neigh.default.gc_thresh2=6144' \
  'net.ipv4.neigh.default.gc_thresh3=8192' >> /etc/sysctl.conf

# init 6 switches to runlevel 6, i.e. it reboots the host immediately;
# the settings above take effect on the next boot.
init 6

如果已经安装高版本Docker,可进行降级安装(可选)

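# Optional: replace an already-installed newer Docker with the pinned build.
# `version` must already hold the full docker-ce package version string; on this
# page it is assigned by the `version=$(yum list ...)` step of the install listing.
# ${version:?...} aborts the command instead of handing yum the bare name
# "docker-ce-" when the variable is empty, and the quotes keep a multi-line or
# whitespace-containing value from being split into extra arguments.
yum downgrade --setopt=obsoletes=0 -y \
  "docker-ce-${version:?set version to the docker-ce package version first}" \
  "docker-ce-selinux-${version}"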

卸载旧版本Docker软件

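# Remove distro-packaged or older Docker builds before installing docker-ce.
# The glob is quoted so that yum expands it against package names; unquoted, the
# shell would first try to expand container* against files in the current directory.
sudo yum remove docker \
  docker-client \
  docker-client-latest \
  docker-common \
  docker-latest \
  docker-latest-logrotate \
  docker-logrotate \
  docker-selinux \
  docker-engine-selinux \
  docker-engine \
  'container*'


sudo adduser docker
# `sudo echo ... >> /etc/sudoers` fails for a non-root caller: the redirection is
# opened by the calling shell, not by sudo. Write the rule through `sudo tee` into
# a drop-in instead of appending to the main file, then let visudo check the
# result. Assumes /etc/sudoers includes /etc/sudoers.d (the CentOS default).
# NOTE(review): this gives the docker account unrestricted sudo, and membership
# of the docker group (added below) is already root-equivalent through the daemon
# socket. Give the account a strong password or key-only login, or drop the rule
# if the account does not need sudo.
echo 'docker ALL=(ALL) ALL' | sudo tee /etc/sudoers.d/docker >/dev/null
sudo chmod 0440 /etc/sudoers.d/docker
sudo visudo -c

# Release line pinned by this page. 17.03.x is long past end of support and gets
# no security fixes; pin a maintained release for a real production host.
export docker_version=17.03.2
sudo yum update -y
sudo yum install -y yum-utils device-mapper-persistent-data lvm2 bash-completion
# Fetch the repo definition over HTTPS: over plain HTTP it can be altered in
# transit, and it is this file that names the package source and signing key.
# Check that the installed /etc/yum.repos.d/docker-ce.repo keeps gpgcheck=1.
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo yum makecache all
# Resolve the full package version. grep -F matches the dots literally, and
# head -n 1 keeps a single (highest-sorted) build when several lines match.
version=$(yum list docker-ce.x86_64 --showduplicates \
  | sort -r \
  | grep -F -- "${docker_version}" \
  | awk '{print $2}' \
  | head -n 1)
if [ -n "${version}" ]; then
  sudo yum -y install --setopt=obsoletes=0 "docker-ce-${version}" "docker-ce-selinux-${version}"
else
  # Without this guard yum would be asked for the bare names "docker-ce-" and
  # "docker-ce-selinux-".
  echo "no docker-ce build matching ${docker_version} found in the configured repo" >&2
fi
sudo usermod -aG docker docker
sudo systemctl enable docker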

物理机需要增加 overlay2 配置;云服务器已是 overlay2,不需要这项配置。

# Open /etc/docker/daemon.json and enter the JSON shown below as the whole file.
# JSON has no comment syntax, so the review notes on its keys are kept here:
#  - "registry-mirrors": image pulls are tried against this mirror first.
#    NOTE(review): the host name looks account-specific; use your own mirror
#    endpoint and confirm it is one you trust to serve images.
#  - "graph": puts Docker's data directory at /home/docker (later releases call
#    this key "data-root"). NOTE(review): /home/docker is presumably also the
#    home directory that `adduser docker` creates for the unprivileged docker
#    user; a data root should sit in a root-owned path. Confirm before use.
#  - "overlay2.override_kernel_check=true": skips the daemon's kernel-version
#    check for overlay2; set it only where the kernel is known to support overlay2.
#  - "log-opts": caps each container's json-file log at 3 files of 100m, so a
#    noisy container cannot fill the disk.
# A malformed daemon.json keeps dockerd from starting, so validate the JSON
# before restarting the daemon.
vi /etc/docker/daemon.json
{
"max-concurrent-downloads": 3,
"max-concurrent-uploads": 5,

"registry-mirrors": ["https://a9wm3lf0.mirror.aliyuncs.com"],

"graph": "/home/docker",

"storage-driver": "overlay2",
"storage-opts": ["overlay2.override_kernel_check=true"],

"log-driver": "json-file",
"log-opts": {
"max-size": "100m",
"max-file": "3"
}
}

WARNING: bridge-nf-call-ip6tables is disabled

# Addresses the "bridge-nf-call-ip6tables is disabled" warning: open
# /etc/sysctl.conf and add the two keys below, so that bridged IPv6 and IPv4
# traffic is passed through ip6tables/iptables and host firewall rules apply
# to it.
vi /etc/sysctl.conf

net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

# Re-read /etc/sysctl.conf and apply it to the running kernel without a reboot.
sysctl -p